Bugtraq mailing list archives

Re: about sendmail 8.8.8 HELO hole

From: zach () MAILHOST CLIPPER NET (Zach White)
Date: Tue, 26 May 1998 22:17:34 -0700


Valentin Pavlov wrote:

-----Original Message-----
From: Micha³ Zalewski <lcamtuf () boss staszic waw pl>
To: info () rootshell com <info () rootshell com>
Date: 10 stycznia 1998 12:28
Subject: Sendmail 8.8.8 (qmail?) HELO hole.


Here's a brief description of Sendmail (qmail) hole I found
recently:

When someone mailbombs you, or tries to send fakemail, spam, etc -
sendmail normally attachs sender's host name and it's address
to outgoing message:

*snip*

I just checked qmail to see if it was vunerable, and qmail 1.02 is
safe because it displays the host before the helo string (It also
displayed the complete helo string, about 2000 characters). Another
exploit in sendmail and still none for qmail. ;)

--
***** Zach White [/\] ClipperNet Internet Access Services *****
***** Finger zach () mailhost clipper net for public PGP key *****

Current thread:

about sendmail 8.8.8 HELO hole Valentin Pavlov (May 22)
- about sendmail 8.8.8 HELO hole Gregory Neil Shapiro (May 26)
- Re: about sendmail 8.8.8 HELO hole Zach White (May 26)
- Problem with ascend pipeline routers. Eric Thacker (May 26)
  - Re: Problem with ascend pipeline routers. Joe Shaw (May 28)
  - Ascend Pipeline DoS Jeff Wheeler (May 29)
- MS Exchange vulnerable. (was: about sendmail 8.8.8 HELO hole) Yuri Krichevsky (May 27)